PyPI Changelog Tests Documentation Status License

A tool for creating credentials for accessing S3 buckets

For project background, see s3-credentials: a tool for creating credentials for S3 buckets on my blog.

Why would you need this? If you want to read and write to an S3 bucket from an automated script somewhere, you’ll need an access key and secret key to authenticate your calls. This tool helps you create those with the most restrictive permissions possible.

If your code is running in EC2 or Lambda you can likely solve this using roles instead. This tool is mainly useful for when you are interacting with S3 from outside the boundaries of AWS itself.


Install this tool using pip:

$ pip install s3-credentials



You can see a log of changes made by this tool using AWS CloudTrail - the following link should provide an Event History interface showing revelant changes made to your AWS account such as CreateAccessKey, CreateUser, PutUserPolicy and more:


You can view a list of your S3 buckets and confirm that they have the desired permissions and properties here:


The management interface for an individual bucket is at https://console.aws.amazon.com/s3/buckets/NAME-OF-BUCKET